Posted
by
Soulskillon Saturday June 22, 2013 @10:30AM
from the points-for-consistency dept.

An anonymous reader writes "According to The Guardian, the UK government is tapping fiber-optic cables that carry global communications and gathering vast amounts of data. The British Government Communications Headquarters (GCHQ) has been sharing the data with its American counterpart, the NSA. 'The sheer scale of the agency's ambition is reflected in the titles of its two principal components: Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. This is all being carried out without any form of public acknowledgement or debate. ... The documents reveal that by last year GCHQ was handling 600m "telephone events" each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.'"

"The Armed Forces Security Agency (AFSA)[2] and its successor NSA were given direct access to daily microfilm copies of all incoming, outgoing, and transiting telegrams via the Western Union and its associates RCA and ITT. "

GP knew that. That's why he picked the words "Shamrock" and "Blarney" out of all the many words of the English language. Shamrock was one of the first NSA bulk-collection projects; Blarney is a current project that's said to gather metadata like device location information (you know, like how all your iPhone photos get GPS tagged if you're not careful?). Blarney is PRISM's lesser-known cousin.

Reading history, you frequently come across periods where you wonder "How could people put up with this?" or "Why didnâ(TM)t they just do X" where X is the solution which was eventually reached 20 years later.

Looking at the modern world, I realise I'm living in just such a period. A pity I'm not longer "smart" enough to figure out what the current X should be. I guess I may have been a little too hard on all those "stupid" societies in the past.

Then again, maybe it's not wrong to think that they and we are just, actually stupid.

X should be mandatory end to end encryption on all private communication. That way, if it's not encrypted it's fair game for eavesdropping. If it is, the communication should legally be treated as sealed envelope.Spy agencies will still surreptitiously intercept the communication and try to break the encryption, but at least they'll have to work for it. If they have to work hard enough blanket screening will become impractical.

Information being encrypted is actually a legal excuse for the NSA to store those records indefinitely. Unless you exchange your keys in person by whispering in a dark alley, I'm not sure it would make much of a difference anyway.

The solution is to let the gov't know we won't stand for this. If a large enough number of people protest, the government will listen but yes the question is whether Brits & Americans have become too pussified for this to happen. But just because something doesn't seem possible today doesn't mean it isn't possible. Just look at the protests in Brazil:

Just a few weeks ago, Mayara Vivian felt pretty good when a few hundred people showed up for a protest she helped organize to deride the government over a proposed bus fare increase... But when tens of thousands of protesters thronged the streets this week, rattling cities across the country in a reckoning this nation had not experienced in decades, she was dumbfounded, at a loss to explain how it could have happened. https://www.nytimes.com/2013/06/21/world/americas/brazil-protests.html [nytimes.com]

You will not see any widespread outrage until the government tries to use the data they are collecting against someone. It is then and only then that someones 4th Amendment rights come into play. So far there has not been any evidence that information collected by PRISM or by FISA warrants has led to any governmental abuse. Those busy hyperventilating over the recent outing of intelligence activities evidently have not been paying attention. The supposedly secret NSA programs have not been a very well kept

You will not see any widespread outrage until the government tries to use the data they are collecting against someone. It is then and only then that someones 4th Amendment rights come into play.

Isn't that a bit like saying (to pick a government's favourite flamebait) you will not see any widespread outrage until the terrorists try to set off a weapon of mass destruction, and it's only then that people's right not to be attacked by others comes into play?

Given the potential consequences, maybe we should be more careful about allowing anyone to have these capabilities in the first place? For once, Godwinning the thread at this point would actually be justified.

If a terrorist detonated a nuke the first people to complain will be the ones currently up in arms about the government intelligence activities. The second group of people would immediately claim the US deserved to be the attacked. The third group would not care in the slightest as long as the attack did not affect them personally. That then leaves a very small percentage of people who are actually afraid and most them will be under 10 years old. The government should close the TSA claiming budget considera

Nah, Orwell wasn't even close. He might have been close to predicting STASI in East Germany, but this would have been far, far into science fiction. In his story they might have had telescreens but it was always humans watching humans. Huge segments of the population were informers, everybody was aware the Party had eyes and ears everywhere. Ask yourself, how many of the US/UK population knew these programs even existed? I'm guessing thousands out of hundreds of millions. And if the power that be take one lesson away from this it's not going to be the one you want, it's that humans are a liability. They suffer from a conscience and believing in the constitution, also called espionage and treason. Which is why more of this is going to be automated with fewer in the "need to know".

I'm quite sure China has just the same kind of systems - if not better - to track dissidents, you say something bad about the regime on any media flags start going up around you. The computers will do what their masters instruct with utter dedication. The only good news for now is that you still need human thugs to do the dirty work of throwing people in jail, but we're making progress towards changing that. We already have bomb disposal robots, I'm guessing a team of SWAT robots isn't that far behind. And if it comes to actual civil war more and more weapons are "smart weapons" that won't work for the rebels, did a tank operator defect to the enemy? Throw the kill switch. The deck is getting more and more stacked against any insurrection against any regime for any reason.

History can be a tricky thing, especially when you are projecting into the future to determine what "the history" will be.

For all we know the current period could in fact be not "1983," but rather "1938." Will one of the many crisis or conflicts be the Sudetenland [japandailypress.com]? Will one of them turn out to be the invasion of Poland [indiatimes.com]? There are plenty of candidates.

Let us hope a shooting war between the major powers doesn't start any time soon.

Yes, our navy is much diminished these days, but it is of a much higher quality than in 1982. Today, we have multiple submarines that could take part in tactical strikes on both the islands and the Argentinian mainland rather than just the one submarine that had to stand off from the fight and could only be assigned to shadowing the Belgrano. Today we have a fleet with air defences that are order of magnitudes better than those of the fleet in 1982 (at least one of the major sinking was due to the recentl

Your points are well made. The Falklands are much better garrisoned and defended today than they were in 1982. And ship for ship, the Royal Navy's warships are much more capable. I still think there is reasonable cause for concern given the size of the cutbacks in MoD. I think Lord West has a point, and it isn't just the Royal Navy that has shrunk. The Vulcans are long gone from the RAF, with no replacement. RAF squadrons are being deactivated. And the British Army is shrinking. Well, hopefully it

The purpose of the British submarine nuclear deterrence is a mystery to me.

The British military has an undisputed capability to launch a nuclear strike and has very good special forces. Strictly in terms of national defence, those seem to be the two most valuable capabilities in today's world. One deters attacks by nation states or other similar "large" opponents, and the other takes care of terrorists, kidnappers, and other similar "small" opponents.

This is in no way intended to diminish the other valuable roles that British forces can play in the world, for which obviously just

There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live--did live, from habit that became instinct--in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized.

The most innovative theater going these days is not "security theater,' but "civil rights theater." As demonstrated above, the dialog is ever more scintillating and persuasive. The plots ever more colorful. The fiction ever more developed. The distraction from the real world ever more enticing. But every once in a while, ugly reality blows up in your face, with the threat to do so again.

These results are from a poll of Muslim students:â" 33% claim that killing is justified if done to protect religion.â" 40 percent support the introduction of sharia for British Muslims.â" 33 percent support a worldwide Islamic caliphate based on sharia.

Yeah but those numbers are similar to the numbers Christian post in our well developed, secular democracy_

The policy that everyone is guilty till proved innocent, everyone must pay what does a few, and that government is free to do because they know better falls badly when you have lots people that gets innocents harmed by the government. The terrorist scare is an excuse, the real target is power gathering. And with power, comes abuse of power, and believe me, you will prefer a few deaths by terrorists than what is coming, because by now is unstoppable.

In the end, Muslim leaders blame the West for their trouble and western leaders blame Islam for their trouble. The problem isn't a religious one : most people on the planet are inherently well meaning regardless of differences. The problem that the majority of the population on either sides seems to be oblivious to is that our "leaders" blame each other while sitting back and enjoying the show and will come up with some new reason to blame the other camp whenever the time comes to squeeze the people a l

this is what i dont understand...why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes. dont get me wrong, i am weird and 100% opposed to all of this. but who are they protecting with all of this data mining?

Probably a case of institutional panic. You know, like others are so deathly afraid of child porn on the internet that they're loudly clamouring for (and getting!) nation-wide filtering against "badness" on anyone's internet connection. Nevermind that most actual child abuse happens within families or other obvious relations of trust, like teachers or preachers. Similarly with terrorism on the internet and espionage on the internet and clamouring for "cyber-offensive capabilities" or whatever it's called th

why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes.

I don't mean to defend the program, but what makes you so certain it does not (and cannot) detect terrorist plots? That would be the stated purpose, anyway, and when a plot is detected and pre-empted, they wouldn't publicize how they did it, as doing so would give other terrorists information on how to avoid detection.

Binary thinking is an oversimplification -- it's perfectly possible for a program to be both an Orwellian privacy nightmare AND an effective tool for catching terrorists.

i didnt say that cant, im saying they arent. if this program was so effective they would be singing its praises nonstop, by their own admission (in the US at least, they have only prevented but stopping a handful of terror events that werent dependent on it) seems like an odd investment in the technology. you are right, you can have tools that are great at preventing crimes and the trade off is that it is an Orwellian nightmare.

Doesn't this then obviate the need for Orwellian monitoring of it's citizens since their stated justification is such a low level threat?

Probably -- but it would depend on the cost of allowing a terrorist plot to succeed. (e.g. if the plot was using pressure cookers, that's one thing, but if it's using stolen nuclear weapons, the risk/reward calculations are different)

Probably -- but it would depend on the cost of allowing a terrorist plot to succeed.

That argument is assuming that Orwellian monitoring of all citizens is the only way to stop a terrorist plot. A strong argument could be made that a more focused operation would be more effective. It would almost certainly be more cost effective. That is of course if the Orwellian monitoring of all citizens was actually for the purpose of stopping terrorism. Although I guess it is if you class any form of dissent or challenge of the powers that be terrorism [slashdot.org].

I don't mean to defend the program, but what makes you so certain it does not (and cannot) detect terrorist plots? That would be the stated purpose, anyway, and when a plot is detected and pre-empted,

Who cares if it stops a few "terrorists"? normal criminals have proven to be just as capable of killing people and in far far greater and predictable numbers than any terrorist boogieman your state can conjur to scare you into submission.

they wouldn't publicize how they did it, as doing so would give other terrorists information on how to avoid detection.

Law enforcement often gets on TV and brags about how they were able to defeat threats. Entire documentary series give away LEA tactics and methods tought with no classification attached.

When criminals are arrested and tried in courts everything about the case is not kept s

I don't mean to defend the program, but what makes you so certain it does not (and cannot) detect terrorist plots?

Have you seen ANY evidence it does? If it was don't you think the government would be trotting out some credible cases (the ones mentioned so far have been pretty easily debunked) in defense of these programs? You're asking us to have faith that it actually does that in the absence of any supporting evidence. You have the guys caught with their hands in the cookie jar preaching to us about how many terrorist attacks this has prevented and how many lives have been saved yet they haven't produced a credible s

You could probably stop a lot of terrorist plots, or at least illegal acts, if you had sound and video monitoring in all bathrooms public and private. That doesn't make it worth it.

You could probably stop a handful of terrorist attacks by monitoring absolutely everything, though this seems a bit far fetched. Half the world would have to be monitors, but leaving that aside, you could probably solve a lot more of terrorist plots using real police work rather than storing all communications ever made. The o

If lots of terrorists were being caught they would be being sent to jail or deported. We have secret courts, the secret evidence could be used against them with no danger of it leaking out into the public.

The fact that there are not large numbers of people being convicted or even charged with terrorism offences suggests that there really are not many such people out there. All we have are the words of assurances of known liars that all this is happening to justify what they are doing.

Them. Governments, or rather people that run Countries (i.e. the government might change, but the people in the background stay there, the money people). The illuminati, (if you like), do not want the hoi polloi to uprise, so monitor every aspect of what we do - it's called 'control'.

this is what i dont understand...why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes. dont get me wrong, i am weird and 100% opposed to all of this. but who are they protecting with all of this data mining?

Because that is what leadership does when people lose ability to control them. No matter what they tell you, they always want absolute power. People that don't want some kind of power don't get into politics. It really is simple as that.

For a very long time, I couldn't understand why Americans were supposed to have arms and why it was even in constitution. However, now I really understand why it's there (too late to do anything, though), and I also realize that people that created US constitution were so mu

The UK interest in coded product goes back to the Soviet embassy codes before ww2.
After that code breaking effort political leaders in the UK have really asked "how can we help" and for "more" over every generation.
As US tech got cheaper more became "everything"
GCHQ has had its ups and downs trading the Empire ie land to the USA for NSA product.
The GCHQ was also very smart in staying out of the press, not going to court vs spies and some publishers (so did the NSA for a long time).
The bulk data interest could always be seen as with the first Intelsat (international satellite telephone calls) efforts at Goonhilly Downs -CSO Morwenstow,/GCHQ Bude got every keyword of interest in the late 1960's.http://cryptome.org/jya/gchq-etf.htm [cryptome.org] international telephone calls to and from Ireland.
The finding of any keyword of interest on all phonelines was always the aim in the 1960-80's.
re protecting with all of this data mining - the gov, the celebrities, press, trade, disruptive technology, arms deals, diplomatic blackmail, dissidents, protesters, disarmament, peace protesters, bases, police corruption, local elections, trade unions - anything and anyone that could get traction in the community or be a worry to the establishment.
The file placed before a political leader becomes addictive and gets wide domestic budget cuts turned into expanded projects.
Major crimes where only been an issue in ~1990-2000 and seem to have stopped due to the ability of major crime networks to slowly stop using all electronic communications once the court cases start.
CIB3 (anti-corruption squad) and 'Operation Nigeria' also showed what could go wrong for the GCHQ. Corrupt police officers very quickly learn of huge new efforts wrt to "major crimes" and guess what - all electronic communications stop.
Better to let the perception of anonymity keep people talking.
The future is just like the NSA - a rewinding of anyones 'internet' life once they are discovered.
To keep that amount of data you have to collect it all, store and in the past filter for keywords/known links.
Add in facial recognition, voice prints, cell tracking, spyware, drones.

this is what i dont understand...why is there a "need" for all of this. they arent stopping "terrorism" nor are they really using it in a way thats stopping any major crimes. dont get me wrong, i am weird and 100% opposed to all of this. but who are they protecting with all of this data mining?

They are using it to keep themselves in power. That is all. You know the saying Power Corrupts? Well, this is what they are talking about.

First Google was collecting info on me, but I was cool with it, i used their free services.Now every company is collecting info on me, but I'm cool with it, after all, it's for business right?Then the Government request access to the data from the companies, but it's okay, it's for terrorist prevention, right?Then the Government just starting tapping the source and forgets to tell me about it, and I say, wtf? Who said that was okay?Then the Government tells me its in the name of terrorism, and I ask them, why you are terrorizing your own citizens?Then the Government locks me up for questioning them, but you don't know because they don't tell anyone anything.

They will want to know everyones friends and contacts so they can systematically deal with any potential leaders of revolution. I expect they think they are going to save lives by preventing or snubbing a flare-up of civil unrest. But what they are really doing is protecting a very corrupt status quo that got us into this mess.

Actually, the real question is this: Against such habits of secrecy, skirting any and all laws and regulations, avoiding public debate, and even not telling their own lords and masters what they're up to, fits only one remedy, that of immediate shutdown of the outfit and never ever letting such people near government anything again. How, as the world's internet population, are we going to manage that?

While the program may or may not be any good at catching terrorists, I'm sure it works fantastically well against political opponents who use regular avenues of communication because they feel they have nothing to hide.

Enjoy your freedoms as just another software developer, artist, author.
Start a blog about 'your' new free code/encryption/file system if you have the skills.
Safe from spyware, keyboard hardware loggers, MacWin/Linux ready....free and real soon now.
Start talking about the press by name, mention corruption, new insights into past political 'deals' in your State, city.
Go way beyond simple keyword lists and make sure its in your geographic area.
Drive around a lot in new ways/times, stop as if 'meeting' t

As usual, the solution is to encrypt as much as possible. Your SSL traffic is safe, and those who use encrypted email are safe. The point is that you really shouldn't have to protect yourself from your own government. It sounds like they're no longer *your* government.

The NSA has admitted that "using encryption" is justification for keeping all your records for longer (including US persons). Even though strong encryption is mainly used to protect legitimate business interests.

If the government knows where your encrypted files went, they just go there to that place with a warrant on "National Security Grounds" from a FISA court and strong arm the recipient, who probably just wet his pants when these guys stormed into his office.

The NSA has already said it holds all encrypted traffic for a long time or forever in the assumption you might be doing something against them. That suggests we could overwhelm them with 100% encrypted web traffic. Unfortunately, the government would wan

Except the NSA keeps all the encrypted stuff, and then will keep it for 5 years after it is decrypted. What is more correct is to say that the encrypted stuff is temporarily safe until a flaw in the encryption scheme is discovered, or computing power is sufficient to make brute force attacks trivial.

This however exposes the lie inherent to the claim that it is to protect us from terrorism. 15 or 20 year old decrypted data will have no relevance to a terrorist attack happening tomorrow. It's only use may be as background material in a post-attack and post-aprehension trial (as if a fair trial would be allowed).

Agreements with Verisign (or other CAs) would not help here: Verisign will NOT get the website's private key when somebody ask for a certificate.

It is possible (but unlikely) that the CSR (Certficate Signing Request) may be of use to NSA though. It does NOT contain the private key.

It is MUCH easier to strong-arm a CA to sign NSAs newly-generated key for e.g. "facebook.com" and play man-in-the-middle on whatever traffic they're listening in on - isn't that what Iran did with google traffic? (My memory is va

I am willing to bet that if Henry Stimpson knew the consequences of closing down the equivalent of the NSA in 1929, he would have sacrificed his "Gentlemen do not read each others mail" mantra in a heartbeat. In fact, he did just that in WW2 because he came to realize the value of intelligence gathering activities.

I personally hope that GCHQ and the NSA are gathering as much intelligence as possible. What is needed is a boundary on who that intelligence is passed on to and used, not how much is gathered.

The US government can search without a warrant, so physical security is limited.

A warrant does not magically embue a SQL command with the ability to search the log files of millions of individually owned computers. If it did, the NSA would not be centralizing as much of this information as they can get their hands on.

Not "everyone" thinks this is bad, but everyone with even a little bit of knowledge about history knows that giving the government such powers so they can catch the scary bogeyman will inevitably result in the government abusing said powers. Everyone else... well, they're under the delusion that government workers are perfect beings, apparently.

But who identifies the enemy? Declaring war is the job of Congress. Unless they do so, individual terrorist acts are a law enforcement issue and should be handled within the constraints of that function.

I am willing to bet that if Henry Stimpson knew the consequences of closing down the equivalent of the NSA in 1929, he would have sacrificed his "Gentlemen do not read each others mail" mantra in a heartbeat. In fact, he did just that in WW2 because he came to realize the value of intelligence gathering activities.

I personally hope that GCHQ and the NSA are gathering as much intelligence as possible. What is needed is a boundary on who that intelligence is passed on to and used, not how much is gathered.

You reckon that everyone should lose their rights so that "intelligence agencies" could gather as much data as possible? And we should make it as easy as possible for them too?

1. Hoover set up a massive index of FBI files on american citizens in the WWI era, it was later shutdown by congress as a massive affront to American law and history

1.a. Nixon used the security apparatus to damage his political opponents. That is why we had the Church Committee to investigate past abuses of the CIA, NSA, FBI, etc, where gross nazi-style human rights abuses were revealed. That's why we have FISA courts and why USSID 18 was supposed to exist and be respected.

I don't agree. When in history has domestic intelligence not been used in unintended ways? Why do think it will be different this time?

The fact is all the firewalls don't work because nothing stops anyone from changing the rules later on. The only way to prevent a government any government, possible any organization from misusing data is to prevent it from collecting such data in the first place and even that isn't easy. Data gathering is very much a case of you can't put the genie back in the bottle.

No boundaries. Let's say the NSA is prohibited from spying on Americans and the GCHQ is prohibited from spying on Brits (I know, unrealistic assumption but play along). The NSA grabs all the info from the Brits' communications, the GCHQ does the same for Americans' communications. Then, they just trade data. Voila! NSA isn't spying on Americans, and GCHQ isn't spying on Brits, and all those people saying "but of course the NSA spies on foreigners, no story here, move along".... well, I don't know what

You spy for a foreign power, that's treason and GCHQ are traitors. You're exposing Britain to political spying and commercial spying. You're exposing Europe to commercial and political spying.

CIA/NSA will use that data to ensure UK politicians do their bidding over the bidding of the voters. You made that possible.CIA/NSA will use that data to ensure European politicians do their bidding over the bidding of the voters. You made that possible too. We have examples of it already in Wikileaks, with Holland.

RIPA did not give GCHQ the power to spy for the NSA. That's why they're demanding the snoopers charter. Trying to legalize what they're doing.

"The 2000 Regulation of Investigatory Powers Act (Ripa) requires the tapping of defined targets to be authorised by a warrant signed by the home secretary or foreign secretary. However, an obscure clause allows the foreign secretary to sign a certificate for the interception of broad categories of material, as long as one end of the monitored communications is abroad."

So that means the NSA gets all the data it can't legally collect (but tries to anyway) from GCHQ and GCHQ gets all the data it legally can't intercept from NSA.An illegal reacharound, sustained by secret laws that put a military man in charge.

It also means that GCHQ's loyalty is more aligned with General Keith Alexander, than with David Cameron. Those 40000 search rules the NSA provided? How many of them were against UK interests? How many of them spied on Brits for the benefit of the CIA? How many of them spied on Americans for the benefit of a rogue General?

I don't know what all the fuss is about: Naturally, to be able to find any terrorist or child pornography related data you have to sieve through all of it.It's even more bizarre that people are so surprised that a spying agency has been, well, spying!

Interesting that they chose not to go after any LIBOR fixers or financial criminals don't you think?

It's almost like there's a double standard in which the people who work in the government use the powers they have been given for their own profit rather than the interests of the public, all the while trotting out a couple of extremely rare bogeymen to justify their actions.

GCHQ provides (for cash per transaction) intelligence including credit card user information and history, recorded phone calls, and all other forms of electronic communication of USA citizens to the NSA.

This is how NSA games the USA Constitution and blackmails Congress, the Executive and the Judiciary.

It also means the NSA (with GCHQ) is the largest holder of online porn in the World. It is a given that the porn NSA holds is sold to southeast Asia countries whereby it ends up in China, after 'goodwill' cash

Well, now we know that all Internet communications are exposed down to the wire or fiber to deep packet inspection systems. Is the IETF working on any counter-measures against this? Like, some new kind of protocol to thwart our friendly feathered government snoop-dooper friends?

I was thinking of something that would leave IP packets alone, so that they could still be routed correctly through the existing Internet. But . . . scramble the IP fragmentation sequence somehow, so that only the sender and rece

This is what confuses me... It is trivial to encode messages in ways that no one but the intended target would ever know what your talking about. "I am going to the store to buy eggs" could mean all sorts of terrible things, if we got together and prearranged meanings. You can never catch things like this, unless your lucky.

All of our "terorrists will kill everyone, so trust us" actions seem to work on the presumption that all terrorists are morons. Which is probably pretty far from the truth.